Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/ssh/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何将ansible中的ssh密钥从源服务器转发到目标计算机上的签出git存储库?_Git_Ssh_Ansible_Bitbucket_Ansible Playbook - Fatal编程技术网
Fatal编程技术网
  • git/
  • 如何将ansible中的ssh密钥从源服务器转发到目标计算机上的签出git存储库?

如何将ansible中的ssh密钥从源服务器转发到目标计算机上的签出git存储库?

git ssh ansible

如何将ansible中的ssh密钥从源服务器转发到目标计算机上的签出git存储库?,git,ssh,ansible,bitbucket,ansible-playbook,Git,Ssh,Ansible,Bitbucket,Ansible Playbook,我试图将ansible配置为从bitbucket签出git存储库并将其放在目标机器上。控制机器(我的电脑)具有bitbucket专用ssh密钥。公钥被上传到bitbucket,ssh访问已测试并运行 以下是ansible yml任务代码: - name: Checkout application become: no git: repo=git@bitbucket.org:bitbucketusername/deployment.git dest=/tmp/myapp

我试图将ansible配置为从bitbucket签出git存储库并将其放在目标机器上。控制机器(我的电脑)具有bitbucket专用ssh密钥。公钥被上传到bitbucket,ssh访问已测试并运行

以下是ansible yml任务代码:

- name: Checkout application
  become: no
  git: repo=git@bitbucket.org:bitbucketusername/deployment.git
       dest=/tmp/myapp
       accept_hostkey=True
       key_file=/home/me/.ssh/bitbucket_ssh_key
以下是错误:

Warning: Identity file /home/me/.ssh/bitbucket_ssh_key not accessible: 
No such file or directory.
Permission denied (publickey)
所以我认为密钥转发不起作用?这很奇怪,因为在我的
~/.ssh/config
中,我为目标机器111.222.333.444启用了转发:

Host 111.222.333.444
  ForwardAgent yes
那么到底出了什么问题?我如何将回购协议从bitbucket转移到我的目标机器上?我使用的是ansible 2.1.1.0

编辑:以下是当
-vvv
标志打开时,其投诉的部分:

TASK [Checkout application] *********************************************
task path: /home/me/path/to/the/ansible/playbook.yml:49
<111.222.333.444> ESTABLISH SSH CONNECTION FOR USER: deploy
<111.222.333.444> SSH: EXEC ssh -C -vvv -o ForwardAgent=yes -o StrictHostKeyChecking=no -o 'IdentityFile="/home/me/.ssh/the_ssh_key"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 111.222.333.444 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1477655760.17-42684399995480 `" && echo ansible-tmp-1477655760.17-42684399995480="` echo $HOME/.ansible/tmp/ansible-tmp-1477655760.17-42684399995480 `" ) && sleep 0'"'"''
<111.222.333.444> PUT /tmp/tmp0NYGtg TO /home/deploy/.ansible/tmp/ansible-tmp-1477655760.17-42684399995480/git
<111.222.333.444> SSH: EXEC sftp -b - -C -vvv -o ForwardAgent=yes -o StrictHostKeyChecking=no -o 'IdentityFile="/home/me/.ssh/the_ssh_key"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 '[111.222.333.444]'
<111.222.333.444> ESTABLISH SSH CONNECTION FOR USER: deploy
<111.222.333.444> SSH: EXEC ssh -C -vvv -o ForwardAgent=yes -o StrictHostKeyChecking=no -o 'IdentityFile="/home/me/.ssh/the_ssh_key"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 -tt 111.222.333.444 '/bin/sh -c '"'"'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/deploy/.ansible/tmp/ansible-tmp-1477655760.17-42684399995480/git; rm -rf "/home/deploy/.ansible/tmp/ansible-tmp-1477655760.17-42684399995480/" > /dev/null 2>&1 && sleep 0'"'"''
fatal: [app1]: FAILED! => {"changed": false, "cmd": "/usr/bin/git ls-remote '' -h refs/heads/HEAD", "failed": true, "invocation": {"module_args": {"accept_hostkey": true, "bare": false, "clone": true, "depth": null, "dest": "/tmp/myapp", "executable": null, "force": false, "key_file": "/home/me/.ssh/bitbucket_ssh_key", "recursive": true, "reference": null, "refspec": null, "remote": "origin", "repo": "git@bitbucket.org:memeares/deployment.git", "ssh_opts": null, "track_submodules": false, "update": true, "verify_commit": false, "version": "HEAD"}, "module_name": "git"}, "msg": 
"Warning: Identity file /home/me/.ssh/bitbucket_ssh_key not accessible: No such file or directory.
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.", "rc": 128, "stderr": "Warning: Identity file /home/me/.ssh/bitbucket_ssh_key not accessible: No such file or directory.
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
", "stdout": "", "stdout_lines": []}
修复它的最后一个错误是通过
ssh add~/.ssh/The_ssh_key
ssh代理添加密钥

我认为在我的例子中,是错误的组合让我走到了这一步,因为我以前使用
ssh add
添加了密钥,但在尝试调试其他错误后破坏了实例

供参考

还有一些没有提到的东西:


    

  • 如果密钥不是
    id\u rsa
    ,则使用
    -i\u ssh\u密钥手动指定它
    • 

  • 确保服务器在相关用户的
    ~/.ssh
    目录中实际拥有公钥
    的副本
    • 

  • 确保
    /etc/ssh/sshd_config
    具有
    AllowAgentForwarding yes
    • 

  • ssh代理-L
    告诉您ssh代理是否“知道”您的ssh密钥。(我不知道当您使用
    ssh-I指定密钥文件时为什么需要这样做?\u ssh\u key
    • 

  • 从控制机器上进行SSH时,包括
    -o AllowAgentForwarding=yes
    • 

您是否检查了您的
ssh代理是否通过
ps x
运行?是的,它显示为
ps-x | grep ssh
,并且
echo“$ssh_AUTH_SOCK”
的结果是
/tmp/ssh-HcUFUq3pxbhf/agent.2109
,因此它看起来正在运行。请检查:您没有提到Ansible target的SSHD配置。您是否启用了代理转发?(在
/etc/ssh/sshd_config
中)运行
ssh 111.222.333.444-o ForwardAgent=yes-o strichostkeychecking=no-o'IdentityFile=“/home/me/.ssh/the_-ssh_-key””ssh-Tgit@bitbucket.org“


[ssh_connection]
# Enable SSH Agent Forwarding so that the private key used to be able to
# checkout from git does not have to be on the server
ssh_args=-o ForwardAgent=yes